Re: RNG in a Smart Card

Peter Gutmann (pgut001@cs.auckland.ac.nz)
Mon, 27 Jul 1998 01:41:52 (NZST)

• Next message: Keith Lockstone: "Re: fwd: Re: RC5/6 patents"
• Previous message: Eric Young: "Re: RC5/6 Patents - Clarifications"
• In reply to: Vin McLellan: "Re: RC5/6 Patents - Clarifications"
• Next in thread: Werner Koch: "Re: RNG in a Smart Card"
• Reply: Werner Koch: "Re: RNG in a Smart Card"
• Reply: David Honig: "Re: RNG in a Smart Card"

>>The question is: how does a smart card harvest entropy to generate "good"
>>random numbers? There aren't UI events, network packets, etc.
 
>A noise diode and a few gates.
 
Actually most of them use security through obscurity. I'm not aware of any
which use noise diodes because of the difficulty in manufacturing something
like this on the same die as the processor and memory. While researching my
Usenix paper on (P)RNG's I tried to find a smart card with a secure RNG on it,
but if there are any out there then the manufacturers aren't talking about
them. I have a standing open challenge to smart card manufacturers to show me
a secure RNG on a card, so far I haven't managed to find one.
 
[You also have to be very careful with vendors claims for card security
 features. It is very common to see claims for various security features in
 data sheets and vendor literature which simply don't exist in the actual
 product].
 
Peter.
 

• Next message: Keith Lockstone: "Re: fwd: Re: RC5/6 patents"
• Previous message: Eric Young: "Re: RC5/6 Patents - Clarifications"
• In reply to: Vin McLellan: "Re: RC5/6 Patents - Clarifications"
• Next in thread: Werner Koch: "Re: RNG in a Smart Card"
• Reply: Werner Koch: "Re: RNG in a Smart Card"
• Reply: David Honig: "Re: RNG in a Smart Card"